From a6de1561461cc719fddd8175c93588a47513a4b8 Mon Sep 17 00:00:00 2001
From: jessib <jessib@riseup.net>
Date: Fri, 5 Oct 2012 15:41:03 -0700
Subject: Rough code to add & comment on tickets.

---
 users/app/models/user.rb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index a6aab84..33c77ce 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -59,4 +59,8 @@ class User < CouchRest::Model::Base
     Thread.current[:user] = user
   end
 
+  def self.current_test
+    User.first
+  end
+
 end
-- 
cgit v1.2.3


From 8b9d5235faed6c15e8ef2e2dc76aec7f24d0bb50 Mon Sep 17 00:00:00 2001
From: jessib <jessib@riseup.net>
Date: Thu, 18 Oct 2012 13:42:37 -0700
Subject: Uses the working authentication code.

---
 users/app/models/user.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 8b7c0b3..29c0b38 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -63,15 +63,13 @@ class User < CouchRest::Model::Base
     login
   end
 
+=begin
   def self.current
     Thread.current[:user]
   end
   def self.current=(user)
     Thread.current[:user] = user
   end
-
-  def self.current_test
-    User.first
-  end
+=end
 
 end
-- 
cgit v1.2.3


From a2a8caf577415ef51c0f99da43f9b47bde226fc6 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 29 Oct 2012 12:08:25 +0100
Subject: first steps at is_admin?

---
 users/app/models/user.rb | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 1afb9db..9bbf169 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -63,11 +63,8 @@ class User < CouchRest::Model::Base
     login
   end
 
-  def self.current
-    Thread.current[:user]
-  end
-  def self.current=(user)
-    Thread.current[:user] = user
+  def is_admin?
+    APP_CONFIG['admins'].include? self.id
   end
 
 end
-- 
cgit v1.2.3


From b7cf67590042eca10381a95f8b74070d7430dbdb Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Wed, 31 Oct 2012 10:40:03 +0100
Subject: user creation should send ok flag so js can start login

---
 users/app/models/user.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 8b7c0b3..b57af98 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -44,7 +44,10 @@ class User < CouchRest::Model::Base
   end
 
   def to_json(options={})
-    super(options.merge(:only => ['login', 'password_salt']))
+    {
+      :login => login,
+      :ok => valid?
+    }.to_json(options)
   end
 
   def initialize_auth(aa)
-- 
cgit v1.2.3


From 6c60b179a09030da985462d15dbdf076367b5ea4 Mon Sep 17 00:00:00 2001
From: jessib <jessib@riseup.net>
Date: Wed, 31 Oct 2012 12:10:07 -0700
Subject: Code to check administration (and ugly test display.) This includes
 example config file.

---
 users/app/models/user.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 2b8ead7..0f5d650 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -66,8 +66,9 @@ class User < CouchRest::Model::Base
     login
   end
 
+  # Since we are storing admins by login, we cannot allow admins to change their login.
   def is_admin?
-    APP_CONFIG['admins'].include? self.id
+    APP_CONFIG['admins'].include? self.login
   end
 
 end
-- 
cgit v1.2.3


From 6ba3366f778340ebeaa73fd53372368b16de6c98 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 13 Nov 2012 12:00:13 +0100
Subject: using client side validations during signup

---
 users/app/models/user.rb | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 0f5d650..824c439 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -16,8 +16,11 @@ class User < CouchRest::Model::Base
       :message => "Only letters, digits and _ allowed" }
 
   validates :password_salt, :password_verifier,
-    :format => { :with => /\A[\dA-Fa-f]+\z/,
-      :message => "Only hex numbers allowed" }
+    :format => { :with => /\A[\dA-Fa-f]+\z/, :message => "Only hex numbers allowed" }
+
+  validates :password, :presence => true,
+    :confirmation => true,
+    :format => { :with => /.{8}.*/, :message => "needs to be at least 8 characters long" }
 
   timestamps!
 
@@ -71,4 +74,8 @@ class User < CouchRest::Model::Base
     APP_CONFIG['admins'].include? self.login
   end
 
+  protected
+  def password
+    password_verifier
+  end
 end
-- 
cgit v1.2.3


From cec9ad7c514f2f3c767bd12bfc3df28db4d1a98b Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Thu, 22 Nov 2012 11:36:25 +0100
Subject: using client side validations for login

---
 users/app/models/session.rb | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 users/app/models/session.rb

(limited to 'users/app/models')

diff --git a/users/app/models/session.rb b/users/app/models/session.rb
new file mode 100644
index 0000000..a9fdb1b
--- /dev/null
+++ b/users/app/models/session.rb
@@ -0,0 +1,34 @@
+class Session < SRP::Session
+  include ActiveModel::Validations
+
+  attr_accessor :login
+
+  validates :login,
+    :presence => true,
+    :format => { :with => /\A[A-Za-z\d_]+\z/,
+      :message => "Only letters, digits and _ allowed" }
+
+  def initialize(user = nil, aa = nil)
+    super(user, aa) if user
+  end
+
+  def persisted?
+    false
+  end
+
+  def new_record?
+    true
+  end
+
+  def to_model
+    self
+  end
+
+  def to_key
+    [object_id]
+  end
+
+  def to_param
+    nil
+  end
+end
-- 
cgit v1.2.3


From ec87ccfa185a4c063386d385de7af15f993b77d8 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Thu, 22 Nov 2012 16:22:18 +0100
Subject: fixed tests

---
 users/app/models/user.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 824c439..507eda5 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -36,7 +36,7 @@ class User < CouchRest::Model::Base
     # valid set of attributes for testing
     def valid_attributes_hash
       { :login => "me",
-        :password_verifier => "1234ABC",
+        :password_verifier => "1234ABCD",
         :password_salt => "4321AB" }
     end
 
-- 
cgit v1.2.3


From ee3c9146e4bbe93ec1f00ee45386a82ec4363c4d Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Fri, 23 Nov 2012 12:11:11 +0100
Subject: identify user by id so rerendering the form does not use new invalid
 login

---
 users/app/models/user.rb | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 507eda5..624754b 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -29,9 +29,7 @@ class User < CouchRest::Model::Base
   end
 
   class << self
-    def find_by_param(login)
-      return find_by_login(login) || raise(RECORD_NOT_FOUND)
-    end
+    alias_method :find_by_param, :find
 
     # valid set of attributes for testing
     def valid_attributes_hash
@@ -42,9 +40,7 @@ class User < CouchRest::Model::Base
 
   end
 
-  def to_param
-    self.login
-  end
+  alias_method :to_param, :id
 
   def to_json(options={})
     {
-- 
cgit v1.2.3


From ce0999ead0d61db1f6534ee9d8114c4551542e80 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 26 Nov 2012 10:59:50 +0100
Subject: minor: client side validations fixed + .json request

---
 users/app/models/user.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 624754b..39d079a 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -9,7 +9,8 @@ class User < CouchRest::Model::Base
     :presence => true
 
   validates :login,
-    :uniqueness => true
+    :uniqueness => true,
+    :if => :serverside?
 
   validates :login,
     :format => { :with => /\A[A-Za-z\d_]+\z/,
@@ -74,4 +75,9 @@ class User < CouchRest::Model::Base
   def password
     password_verifier
   end
+
+  # used as a condition for validations that are server side only
+  def serverside?
+    true
+  end
 end
-- 
cgit v1.2.3


From 51ba799f98113b7112f2968fc80e4d291924b3bf Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 26 Nov 2012 16:34:46 +0100
Subject: basic users index with typeahead search

---
 users/app/models/user.rb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'users/app/models')

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 39d079a..325c981 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -27,6 +27,7 @@ class User < CouchRest::Model::Base
 
   design do
     view :by_login
+    view :by_created_at
   end
 
   class << self
-- 
cgit v1.2.3